Product Security Engineer Graduate (Security Assurance) - 2026 Start (BS/MS)

Seattle, WA
Permanent
Full-time

30 days ago

The team is missioned to build infrastructures, platforms and technologies, as well as to support cross-functional teams to protect our users, products and infrastructures. In this team you'll have a unique opportunity to have first-hand exposure to the strategy of the company in key security initiatives, especially in building scalable and secure-by-design systems and solutions. Our challenges are not your regular day-to-day technical problems; you'll be part of a team that's developing new solutions to new challenges of a kind not previously addressed by big tech. It's working fast, at scale, and we're making a difference.We are looking for talented individuals to join our team in 2026. As a graduate, you will get opportunities to pursue bold ideas, tackle complex challenges, and unlock limitless growth. Launch your career where inspiration is infinite at TikTok.Successful candidates must be able to commit to an onboarding date by end of year 2026. Please state your availability and graduation date clearly in your resume.Candidates can apply to a maximum of two positions and will be considered for jobs in the order you apply. The application limit is applicable to TikTok and its affiliates' jobs globally. Applications will be reviewed on a rolling basis - we encourage you to apply early.Job Responsibilities
As a Graduate Application Security Engineer, you will be at the forefront of our efforts to embed security into the entire product lifecycle. You will work alongside various engineering teams to secure our applications, from design to deployment. Your responsibilities will include:
1. Assisting in the design and execution of security assessments, including code reviews, penetration testing, and threat modeling for web and mobile applications.
2. Design and develop security tooling to identify vulnerabilities and optimise the product security review process.
3. Perform architecture and design reviews to ensure that our applications are implemented to the highest security and privacy standards, thus maintaining and enhancing user trust.
4. Work closely with software engineering teams to provide security guidance and co-design complex production systems.
5. Research and discover security issues in globally used technologies, support incident response for high profile and critical cases, and push fixes across the entire company.Qualifications:Minimum Qualifications
1. Final year or recent graduate with a background in Computer Science, Cybersecurity, Software Engineering, or a related technical discipline.
2. Experience in writing and reviewing code in at least two of the following programming languages: Kotlin, Swift, TypeScript, Go, Python, Rust.
3. Solid knowledge and understanding in various disciplines: web application security, mobile app security, network security, applied cryptography. You're expected to be familiar with at least one of these areas.
4. Familiarity with common security risks, including their principles, attack and defense strategies, and systematic governance and mitigation approaches.
5. Self-driven and capable of coping with ambiguity and applying theoretical concepts in practice.
6. Demostrate interest in cybersecurity.
7. Strong problem-solving skills and excellent debugging / troubleshooting skills.Preferred Qualifications
1. CTF players, or Live Hacking Event experience.
2. BugBounty experience with reputable statistics in HackerOne, BugCrowd, Intigriti, Immunifi etc.
3. Published security research, CVEs, Open source tooling, public presentations / talks.
4. Pwn2Own Master of Pwn points.By submitting an application for this role, you accept and agree to our global applicant privacy policy, which may be accessed here: https://careers.tiktok.com/legal/privacy

TikTok

Apply Now